On Wed, 24 Jun 2015 10:14:04 +0200
Mark Wielaard <mjw@redhat.com> wrote:
> I am very interested in the results of the gcc sanitizers, valgrind,
> fuzzers, etc. It really helped make elfutils much more robust. For
> 0.163 all known crashers were fixed. So if you are still able to
> crash elfutils libraries or tools, please do report.
>
> But in this case as far as I know these kind of malloc argument checks
> are indeed just noise. We do check the results of malloc everywhere
> (or should at least). I might be wrong of course, or miss something
> subtle. So please do let me know if you think it is something to fix
> differently from how we handle it currently.
Ok, I am aware that these things are debatable.
One reason you might want to fix such issues is that they could be used
to cause memory exhaustion. E.g. you have a server that processes files
and you send them specially crafted small files that will use up a lot
of memory, but not that much that malloc fails.
Therefore imho it makes sense to add some sanity checks. Parsers should
never accept any field sizes that are larger than the file itself.
This is probably not so much an issue in self-contained tools like
elfutils. Honestly the biggest reason I report these is that asan
complains about them and it makes fuzzing easier if they get fixed. But
it's up to you. (Most other apps where I reported similar things fixed
them.)
--
Hanno Böck
http://hboeck.de/
mail/jabber: hanno@hboeck.de
GPG: BBB51E42
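A bounds check of the kind Hanno describes (refuse any field size that claims more data than the file holds, before calling malloc), as an added example in C; this is not code from elfutils or from either poster, and the table header layout and function names are hypothetical:

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical table header as a parser would read it from the file:
   a table at `offset` made of `count` entries of `entsize` bytes each. */
struct table_hdr {
    uint64_t offset;
    uint64_t count;
    uint64_t entsize;
};

/* Return 1 if the table described by hdr lies entirely inside a file of
   file_size bytes, 0 otherwise.  The multiplication is checked for
   overflow so huge count/entsize values cannot wrap to a small product. */
int table_fits_in_file(const struct table_hdr *hdr, uint64_t file_size)
{
    uint64_t total;
    if (hdr->count == 0 || hdr->entsize == 0)
        return 1;                          /* empty table: nothing to read */
    if (hdr->count > UINT64_MAX / hdr->entsize)
        return 0;                          /* count * entsize would overflow */
    total = hdr->count * hdr->entsize;
    if (hdr->offset > file_size)
        return 0;                          /* table starts past end of file */
    return total <= file_size - hdr->offset;
}

/* Copy the table out of the file buffer, but only after the bounds check:
   a header claiming more than the file holds returns NULL without ever
   reaching malloc, so a small crafted file cannot drive a huge allocation. */
void *load_table(const unsigned char *file, uint64_t file_size,
                 const struct table_hdr *hdr)
{
    uint64_t total;
    void *buf;
    if (!table_fits_in_file(hdr, file_size))
        return NULL;
    total = hdr->count * hdr->entsize;
    buf = malloc(total ? total : 1);
    if (buf == NULL)
        return NULL;                       /* malloc result is still checked */
    memcpy(buf, file + hdr->offset, total);
    return buf;
}
```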